Out-of-bounds Read in git

Do your applications use this vulnerable package? Test your applications

Overview

In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory.

References

CVE Details
Debian Security Tracker
Gentoo Security Advisory
HP Security Bulletin
RHSA Security Advisory
SUSE
Security Focus
Security Tracker
Ubuntu CVE Tracker
Ubuntu Security Advisory

Attack Vector

Network
Attack Complexity

Low
Privileges Required

None
User Interaction

None
Scope

Unchanged
Confidentiality

High
Integrity

None
Availability

None

CVE: CVE-2018-11233
CWE: CWE-125
Snyk ID: SNYK-DEBIAN8-GIT-340886
Disclosed: 30 May, 2018
Published: 30 May, 2018

Out-of-bounds Read
Affecting git package, versions <1:2.1.4-2.1+deb8u6

Overview

References

CVSS Score

Out-of-bounds Read Affecting git package, versions <1:2.1.4-2.1+deb8u6

Overview

References

Out-of-bounds Read
Affecting git package, versions <1:2.1.4-2.1+deb8u6